"In order to call a product or consumer device secure, even its maker shouldn't be able to break into it," she writes, explaining that features often seen as harmless (for example, allowing the authorized update process to bypass the passcode input process) are actually critical flaws that no maker of a secure device should allow. "And that means Apple, too."